1/6 



100 



112 POLICY 
SERVER MANAGEMENT 



POLICY 
CONSOLE 



110 

POLICY MANAGEMENT 



-114 



POLICY AUTHORING 



POLICY 
DATABASE 



POLICY SERVER 
(POUCY DECISION POINT) 
POLICY / X POLICY 

ENABLING, ( ) REQUEST (S)f 

DISABLING V S RESPONSE(S) 



116 



DATA 



END SYSTEM 



STREAM 




SERVERS DESKTOP(S) 
GATEWAY(S) 



ROUTER(S) 



5K 



105 



SWTTCH(ES) 

| cn noon Mil/- 706 



NIC(S) 



DATA 



STREAM 



/-108 



END SYSTEM 



POLICY CLIENTS 
(POLICY ENFORCEMENT POINTS) 



FIG. 1 
(Prior Art) 



4/6 




5/6 



401 



402 



403 



404 



Index 


Device/Group ID 


Deployment Tree 

Pnintarfc ) 
rUllllul {oj 


Configuration Tree 
Pointer 


0 


DevGrpI 


<node 31 3> 


<node 207> 


1 








2 


Rtr1 


<node 31 5> 


<node213> 










i 


SW1 


<node 31 7 > 
<node 31 8> 


<node 21 5> 


j 


SWGrpI 


<node316> 


<node212> 


k 


LBGrp! 


<node 314> 


<node211> 











FIG. 4 



6/6 




FIG. 5 



(^Find Policies Associated With A Network Component^) 



600< 







Find Policies In ADS Table 
Directly Associated With Network Component 






Generate Group Chain List For Network Component 






For Each Element In Group Chain List, Find Policies In 
ADS Table Directly Associated With That Element 



-602 



604 



606 



FIG. 6 



